nVidia drivers and xorg
Rahul Sundaram
sundaram at redhat.com
Wed May 18 16:05:04 UTC 2005
Arjan van de Ven wrote:
>>Might need to change xorg.conf to etc_runtime_t?
>>
>>
>
>I would hate to see us making our selinux policy less secure for an
>external, not shipped, binary kernel module.
>
>
>
I would agree with you generally but this particular module is
widespread and end users are likely to turn off SELinux altogether when
they hit problems with it. We might have to consider the balance for
this one carefully. Maybe provide a well documented SELinux boolean
which can be optionally enabled by end users installing the kernel
module while keeping the defaults more secure
regards
Rahul
More information about the test
mailing list